unsigned integers for sizes of things #62

Closed
andrewrk opened this issue Jan 11, 2016 · 3 comments

@andrewrk
Member

Arguments in favor of signed integers for array sizes:

  • "Fix underflow in core::str::Searcher::new" (rust-lang/rust#16590, comment): in short, if the array size is 10 and you subtract 20 you get undefined behavior.
  • Many POSIX functions return ssize_t (such as read) because they want -1 to mean an error. This means that all that space needed by unsigned isn't needed for these. Why stop there? How about the maximum size of things is @max_value(isize) rather than @max_value(usize).
  • POSIX printf returns int. Negative is error, positive is byte count printed. We want a similar thing, but we'd probably use isize.
  • Iterating backwards to 0 for unsigned integers is tricky.

Arguments in favor of unsigned integers for array sizes:

  • Array lengths don't really have a sign. They can't be negative. So unsigned is more correct.
  • 2x the maximum value. On a 32-bit system, byte arrays would be limited to 2GB in length for signed size.
  • Manual assertions/checks needed when an unsigned number is expected. (assert(num_bytes_to_print >= 0);)
  • Passing a signed number to an unsigned type in C (e.g. size_t) requires a cast.

@andrewrk andrewrk added the enhancement label Jan 11, 2016
@andrewrk andrewrk changed the title from "Signed integers for sizes of things?" to "Signed integers for sizes of things" Jan 11, 2016

@andrewrk
Member Author

Jury's in, we're going to use isize as the type for sizes of things.

If you need a 4GB byte array on a 32-bit system, use raw pointers + usize.

@andrewrk andrewrk added this to the debut milestone Jan 18, 2016
@andrewrk
Member Author

implemented in ae2151a

@andrewrk
Member Author

Changing stance on this. We're going back to usize. Additional reasons:

  • We ran into some awkward casting situations that made usize seem easier to use.
  • The rust issue linked above actually is solved in zig with debug safety turned on for integer overflow.

@andrewrk andrewrk reopened this Apr 26, 2016
@andrewrk andrewrk changed the title from "Signed integers for sizes of things" to "unsigned integers for sizes of things" Apr 26, 2016
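
An added example, not part of the original thread or of the Zig code base: a C sketch of the two unsigned-size hazards listed in the first comment (subtracting past zero, and iterating backwards to 0), each beside a checked form. The function names and sample values are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* "Size is 10 and you subtract 20": size_t cannot go negative, so the
   result wraps to a huge value instead (well-defined in C, but wrong). */
static size_t remaining_unchecked(size_t len, size_t consumed) {
    return len - consumed;
}

/* Naive bounds test built on that subtraction: passes for any `want`
   once consumed > len, because the right-hand side has wrapped. */
static bool has_room_naive(size_t len, size_t consumed, size_t want) {
    return want <= len - consumed;
}

/* Checked form: reject the underflow before subtracting. */
static bool has_room_checked(size_t len, size_t consumed, size_t want) {
    return consumed <= len && want <= len - consumed;
}

/* Backwards iteration: `for (i = n - 1; i >= 0; i--)` never ends with an
   unsigned i (and n == 0 starts at SIZE_MAX). Test-then-decrement avoids
   both. Returns SIZE_MAX when c is not found. */
static size_t last_index_of(const unsigned char *buf, size_t n, unsigned char c) {
    for (size_t i = n; i-- > 0;) {
        if (buf[i] == c)
            return i;
    }
    return SIZE_MAX;
}

int main(void) {
    const unsigned char sample[] = {'a', 'b', 'c', 'a'}; /* constructed input */
    printf("10 - 20 as size_t = %zu\n", remaining_unchecked(10, 20));
    printf("naive room check:   %d\n", has_room_naive(10, 20, 4096));
    printf("checked room check: %d\n", has_room_checked(10, 20, 4096));
    printf("last 'a' at index   %zu\n", last_index_of(sample, sizeof sample, 'a'));
    return 0;
}
```
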